U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Microsoft Releases April 2015 Security Bulletin

Microsoft has released eleven updates to address vulnerabilities in Microsoft Windows. Some of these vulnerabilities could allow elevation of privilege, denial of service, remote code execution, information disclosure, or security feature bypass.

US-CERT encourages users and administrators to review Microsoft Security Bulletins MS15-032 - MS15-042 and apply the necessary updates.

WP Super Cache Cross-Site Scripting (XSS) Vulnerability

WP Super Cache, a WordPress plugin, contains a persistent XSS vulnerability in versions prior to 1.4.4. Exploitation of this vulnerability could allow a remote attacker to take control of the affected system.

Users and administrators are encouraged to review the WP Super Cache Changelog for more information and update to version 1.4.4 if affected.

Apple Releases Security Updates for OS X, iOS, Safari, and Apple TV

Apple has released security updates for OS X, iOS, Safari, and Apple TV to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of the affected system.

Available updates include:

  • OS X Yosemite v10.10.3 and Security Update 2015-004 for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10 to v10.10.2
  • iOS 8.3 for iPhones 4s and later, iPod touch 5th generation and later, and iPad 2 and later
  • Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5 for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2
  • Apple TV 7.2 for Apple TV 3rd generation and later

US-CERT encourages users and administrators to review Apple security updates HT204659, HT204661, HT204658, and HT204662, and apply the necessary updates.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top